[clue] Rsync and root
Will
will.sterling at gmail.com
Fri Nov 4 09:17:13 MDT 2011
What I do is allow root key's but use a single purpose key that runs rsync
in a specific directory. Same end result as chrooting but I can maintain
permissions.
On Fri, Nov 4, 2011 at 9:12 AM, marcus hall <marcus at tuells.org> wrote:
> On Thu, Nov 3, 2011 at 7:51 PM, Jason Friedman <jason at powerpull.net>
> wrote:
>
> > I am wanting to synchronize two filesystems, probably with rsync, and
> ...
> > For root to connect to another host as root, absent someone typing a
> > password, SSH keys could be exchanged, or one can use RSH and .rhosts
> > (unencrypted).
> > If my organization discourages the use of RSH and discourages the use
> > of exchanging root's keys (but accepts the exchanging of non-root
> > keys), what are my options?
>
> On Thu, Nov 03, 2011 at 08:31:08PM -0600, Will wrote:
> > Use single purpose SSH keys, connect as a non-root user with an
> autharized
> > key. When that key is used it runs sudo and starts rsync as root.
>
> Of course, exchanging keys of a non-root user that can sudo rsync is
> essentially the same thing as exchanging keys of root, so this is getting
> around the letter of the policy while violating the spirit of the policy.
>
> What you need to do is to restrict the scope of what rsync can overwrite,
> perhaps building a chroot environment or something, and restricting the
> ssh user to only be able to execute the command to get into the environment
> (which may invlove sudo along the way). Also, I think you can restrict
> the connection to be from the appropriate client system as well.. These
> are all good to prevent spread of a compromise.
>
> Without such restrictions, if the public key of the client system (the
> one that initiates the connection) is compromised, then someone could
> use the root-priviledged rsync could overwrite any file on the server
> that they desired...
>
> If the contents of the directory can be changed on either machine, then
> the problem of keeping them in sync is more problematic. Rsync can take
> a whack at it (check out the -u option to update only if the file is
> newer), but it fails to properly handle conflicts and deletions. A better
> tool for this is unison, which is designed to handle this. If you are
> keeping a backup, then rdiff-backup is based on librsync, but does other
> things useful for backup, like maintaining previous versions, etc.
>
> marcus hall
> marcus at tuells.org
> _______________________________________________
> clue mailing list: clue at cluedenver.org
> For information, account preferences, or to unsubscribe see:
> http://cluedenver.org/mailman/listinfo/clue
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cluedenver.org/pipermail/clue/attachments/20111104/c767c8fc/attachment-0001.html
More information about the clue
mailing list